Re: [arch-d] Treating "private" address ranges specially

Martin Thomson <mt@lowentropy.net> Thu, 01 April 2021 03:57 UTC

Date: Thu, 01 Apr 2021 14:57:23 +1100
From: Martin Thomson <mt@lowentropy.net>
To: Christian Huitema <huitema@huitema.net>, architecture-discuss@ietf.org
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/gSgmNugOV6R_gqJ_R_J5i4kvHVY>
Subject: Re: [arch-d] Treating "private" address ranges specially

On Thu, Apr 1, 2021, at 14:33, Christian Huitema wrote:
> Do you have a description of the type of attacks you are thinking of?

This is a general problem of which I have only a handful of concrete examples.

The proposal mentions SOHO Pharming, though the link is broken.  In essence, that attack abused default passwords and poorly secured routers to allow DNS configuration on those routers to be hijacked.  This sort of thing is fixed by any of a bunch of things (HTTPS, better passwords, changes to local topology, DoH), but it was still shockingly effective.

The other example I'm aware of is the Zoom problem (last year?  seems longer ago) where they ran a server on loopback that took instruction from random websites.  That was poorly secured and could be exploited.

I'm not clear on whether this particular proposal aims to address this (it might not) but enumeration of servers on local networks could be another target.  (It doesn't appear to attempt to block the timing side channels that are typically used for this, but it could.)
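Added example, not code from the message above or from the proposal it discusses: a small classifier that sorts a target IP address into the coarse address space (loopback, private, public) that a "treat private ranges specially" policy would reason about, and a check for whether a request crosses from a more public space into a less public one, which is the direction the SOHO router and loopback-server cases share. The RFC 1918, loopback and link-local ranges are real; the three-way ranking, the rule that only more-public-to-less-public requests need special treatment, the IPv6 handling (only `::1`), and all function names are assumptions made for this illustration.

```javascript
// Added illustration (not from the list message or any proposal text).
// Assumption: three coarse address spaces, ranked loopback > private > public.
const IPV4_RANGES = [
  { cidr: "127.0.0.0/8",    space: "loopback" }, // loopback
  { cidr: "10.0.0.0/8",     space: "private"  }, // RFC 1918
  { cidr: "172.16.0.0/12",  space: "private"  }, // RFC 1918
  { cidr: "192.168.0.0/16", space: "private"  }, // RFC 1918
  { cidr: "169.254.0.0/16", space: "private"  }, // IPv4 link-local
];
const RANK = { public: 0, private: 1, loopback: 2 }; // assumed ordering

// Parse a dotted-quad IPv4 address into an unsigned 32-bit number, or null.
function ipv4ToInt(addr) {
  const parts = addr.split(".");
  if (parts.length !== 4) return null;
  let n = 0;
  for (const p of parts) {
    if (!/^\d{1,3}$/.test(p)) return null;
    const v = Number(p);
    if (v > 255) return null;
    n = n * 256 + v;
  }
  return n;
}

// True when the 32-bit address `ip` falls inside the CIDR block `cidr`.
function inCidr(ip, cidr) {
  const [base, bitsStr] = cidr.split("/");
  const bits = Number(bitsStr);
  const mask = bits === 0 ? 0 : (0xffffffff << (32 - bits)) >>> 0;
  return ((ip & mask) >>> 0) === ((ipv4ToInt(base) & mask) >>> 0);
}

// Classify an address literal; null means "could not parse, treat as unknown".
// Only the IPv6 loopback literal is recognised here (assumption for brevity).
function addressSpace(addr) {
  if (addr === "::1") return "loopback";
  const ip = ipv4ToInt(addr);
  if (ip === null) return null;
  for (const r of IPV4_RANGES) if (inCidr(ip, r.cidr)) return r.space;
  return "public";
}

// Assumed policy: a request needs special treatment only when its target sits
// in a less public space than the page that initiated it (e.g. public website
// reaching a router on 192.168.x.x or a helper service on 127.0.0.1).
function needsSpecialTreatment(initiatorAddr, targetAddr) {
  const from = addressSpace(initiatorAddr), to = addressSpace(targetAddr);
  if (from === null || to === null) return true; // unknown: be conservative
  return RANK[to] > RANK[from];
}
```

A browser-style policy would apply `needsSpecialTreatment` to the resolved target address, not the hostname, since a public name can resolve to a private address.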